Dieter Maurer wrote at 2003-11-14 20:43 +0100:
 > Jim Fulton wrote at 2003-11-13 15:22 -0500:
 >  > ... new security policy for NSEC ...

 > Folklore says that Zope cannot protect attributes of simple types
 > (because they do not provide the method magic that will be lost
 > for NSEC).
 > ...
 > Of course, Zope cannot check a bare value of simple type, but
 > usually it has "container" and/or "parent" and then checking would
 > be easy by looking at related ("__roles__") attributes of the container/parent.
 > 
 > I will see this weekend whether I have been true.
 > If so, the same mechanism could (in principle) be used for
 > methods.

Patch attached.

-- 
Dieter

--- AccessControl/ZopeSecurityPolicy.py~	2003-06-10 09:08:49.000000000 +0200
+++ AccessControl/ZopeSecurityPolicy.py	2003-11-15 12:41:28.000000000 +0100
@@ -211,3 +211,42 @@
             if type(roles) is StringType:
                 roles=[roles]
             return context.user.allowed(object, roles)
+
+
+###########################################################################
+# DM: experimental (proof of concept) implementation of explicite
+#  protection for simple type attributes
+#  Attribute "a" is protected by roles "a__roles__" in its container
+if os.environ.get("ZOPE_SECURITY_PROTECT_ATTRIBUTES"):
+
+    from Acquisition import aq_base
+
+    class ZopeSecurityPolicy(ZopeSecurityPolicy):
+
+        _inherited_validate = ZopeSecurityPolicy.validate
+
+        def validate(self, accessed, container, name, value, context,
+                     roles=_noroles, None=None,
+                     ):
+            # check whether the standard security policy can/must decide
+            if (
+                # start with inexpensive checks
+                roles is not _noroles
+                or name is None
+                or value is None
+                or container is None
+                # now the expensive ones
+                or hasattr(value,'__roles__')
+                or not hasattr(aq_base(container), name + '__roles__')
+                ):
+                # let standard security policy decide
+                pass
+            else:
+                # the container provides roles for access to this value
+                roles = getattr(container, name + '__roles__')
+                # pretend, we access the container (what we are doing indeed)
+                value = container
+
+            return self._inherited_validate(accessed,container,
+                                                name,value,
+                                                context,roles)
_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to